Global GPS Infrastructure 'Vulnerable to Attack'

Below:

Next story in Tech and gadgets

Up to 30 percent of the world's Global Positioning System
infrastructure could be taken offline by a 45-second message sent
from equipment that costs only $2,500, researchers, say.

The implications of such an attack are grave and would affect
everything from the abilities of ships, planes and
unmanned drones to navigate to vital military operations and
emergency services' abilities to quickly respond to distress
calls.

"The good news is that as far as we know, we are the only ones
with a
spoofing device currently capable of the types of attacks,"
Carnegie Mellon University's Tyler Nighswander, who co-authored a
paper on the subject, told SC Magazine.

"The bad news is that our spoofer would not be prohibitively
expensive and complicated for someone to build, if they had the
proper skill set ... It's difficult to put an exact likelihood on
these attacks happening."

Nighswander added that a determined attacker faces no huge
obstacles at this time.

The researchers tested the concept on GPS receivers manufactured
by several different companies. Each crashed after receiving the
malicious signal due to "software bugs in the processing of the
navigation message," the paper said.

Researchers' attacks included location spoofs that could trick
certain systems into shutting down or misbehaving, such as
systems that run prisoner ankle bracelets, traffic signals and
other programs
that run critical infrastructure.

"The overall landscape of GPS vulnerabilities is startling, and
our experiments demonstrate a signiﬁcantly larger attack surface
than previously thought," the paper added. "Until GPS is secured,
life and safety-critical applications that depend upon it are
likely vulnerable to attack."